Author

 Mike McConnell & Patrick Gorman

Profile of Mike McConnell & Patrick Gorman

Mike McConnell & Patrick Gorman
Member Since: 12/12/2017
Author
News & Commentary Posts: 1
Comments: 0

Mike McConnell, Senior Executive Advisor, Booz Allen Hamilton & Former US Director of National Intelligence

Mike McConnell was appointed Director of National Intelligence (DNI) under Presidents George W. Bush and Barack Obama and served as a member of the National Security Council managing the US Intelligence Community's global engagement in support of US and allied national security objectives. As DNI, McConnell was successful in persuading the president and Congress to invest over $17B in improving cybersecurity defenses of the nation. McConnell is a senior executive advisor and former vice chairman of Booz Allen Hamilton, where his primary roles included serving on the firm's leadership team and leading Booz Allen's cybersecurity business. McConnell led the development of the firm's information assurance business and intelligence business focused on policy, transformation, homeland security, and intelligence analytics. McConnell's career spans over 40 years focused on international development and foreign intelligence issues. His 29-year career as a US Navy intelligence officer included significant assignments that impacted national security issues

Patrick Gorman, CEO, CybrIQ Solutions & Chairman, Advisory Board, CyberGRX

Patrick Gorman is the CEO of CYBRIQ Solutions and serves as the advisory board chairman for CyberGRX. With 30 years of experience, Gorman has worked in multiple capacities in technology, risk and cybersecurity. Gorman recently served as the chief security officer (CSO) for Bridgewater Associates where he was in charge of cyber, physical, and staff security for the world's largest hedge fund. Mr. Gorman was the senior vice president and global chief information security officer (CISO) for Bank of America/Merrill Lynch, where he led security policy, technology, management and operations. Prior to that, Patrick worked at Booz Allen Hamilton as senior executive advisor of cybersecurity responsible for strategic planning, business development, capability development, marketing and capture management. His rich background stems from holding the position as assistant director of national intelligence for policy and strategy and chief information officer for the US intelligence community, as well as several cyberwar and intelligence positions in the military.

Articles by Mike McConnell & Patrick Gorman
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-8298
PUBLISHED: 2018-09-24
Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm.
CVE-2018-14825
PUBLISHED: 2018-09-24
A skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges. This could enable the attacker to obtain access to keystrokes, passwords, personal identifiable...
CVE-2018-17437
PUBLISHED: 2018-09-24
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17438
PUBLISHED: 2018-09-24
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17439
PUBLISHED: 2018-09-24
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.